Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1138
Views
0
Helpful
4
Replies

DNAC - Provisioning - Exception occurred while parsing expiry time

Joris Deprouw
Level 1
Level 1

‎06-20-2024 05:09 AM

Hi All,

I have an issue with one of my 9300 switches in DNAC.

I have added 51 switches in total, but 1 of the switches has an issue when assigning it to a site. The switch has been assigned to a site before, but after deleting it, and re-discovering it, I'm not able to get it in DNAC again without errors.

I can assign it to a site, but it already gives me an error when trying to.

  • Started process: PKCS12 Internal Certificate Configure
  • Cisco DNA Center x.x.x.x is reachable from device x.x.x.x
  • Exception occurred while parsing expiry time : "07:33:43 GMT+2 Jun 13 2025" of the PKCS Certificate. Please make sure standard Time-Zone ID is configured on the device clock settings
  • Configuration failed due to : Exception occurred while parsing expiry time : "07:33:43 GMT+2 Jun 13 2025" of the PKCS Certificate. Please make sure standard Time-Zone ID is configured on the device clock settings.

All switches are running version 17.9.4a. I have deleted and re-discovered the device. I have changed the clock settings on that specific switch, but without success.

What is the standard Time-Zone ID? Any thoughts?

Kr,

Joris

Labels:
0 Helpful
4 Replies 4

Torbjørn
VIP
VIP

‎06-20-2024 06:03 AM

I believe this is best solved by resetting and onboarding the switch again with "pnpa service reset". Alternatively you can try deleting the certificate to have it enrolled with a new one with "no crypto pki trustpoint dnac-ca"

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev
0 Helpful

Joris Deprouw
Level 1
Level 1

‎06-20-2024 06:24 AM

Hi.

Doing a pnpa service reset is a bit more difficult, since there are active users on the switch. That would mean downtime in my case.

I have already tried deleting the certificate, but without luck. I stil get the same error, and after a retry, the crypto pki trustpoint dnac-ca certificate does not re apear...

Kr,

Joris

0 Helpful

Torbjørn
VIP
VIP
In response to Joris Deprouw

‎06-20-2024 06:42 AM

Okay, I assumed this switch was being redeployed.

The default timezone for Catalyst Center is set to UTC. I don't know that it will work, but I would try to set it to UTC, resync then try to reprovision the device.

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev
0 Helpful

Joris Deprouw
Level 1
Level 1
In response to Torbjørn

‎06-22-2024 01:51 PM

Hi,

I solved the issue by removing the switch from DNAC, once discovered, assigning the switch to another site. 

After that I reassigned it to the original site again. Never received the message about the PKCS again...

Kr,

0 Helpful
Related community topics
Top